class DaiyunyingController < ApplicationController
  skip_before_action :verify_authenticity_token
  def create

    timestamp = Time.now.to_i
    nonceStr  = SecureRandom.hex(8)
    url = URI.decode_www_form_component(params[:url])
    fields = %W[jsapi_ticket=#{jsapi_ticket} noncestr=#{nonceStr}  timestamp=#{timestamp} url=#{url}]
    signature = Digest::SHA1.hexdigest(fields.sort.join('&'))

    render json: { appId: app_id,
                   timestamp: timestamp,
                   nonceStr: nonceStr,
                   signature: signature}

  end

  private
  def settings
    YAML.load(File.open("#{Rails.root}/config/keys.yml"))['Daiyunying']
  end
  def  app_id
    settings['app_id']
  end
  def app_secret
    settings['app_secret']
  end
  def jsapi_ticket
    Ticket.get_ticket('Daiyunying', app_id, app_secret)
  end
end
